001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.portletconfiguration.action;
016    
017    import com.liferay.portal.kernel.servlet.SessionErrors;
018    import com.liferay.portal.kernel.util.GetterUtil;
019    import com.liferay.portal.kernel.util.ParamUtil;
020    import com.liferay.portal.kernel.util.StringUtil;
021    import com.liferay.portal.kernel.util.Validator;
022    import com.liferay.portal.model.Portlet;
023    import com.liferay.portal.model.PortletConstants;
024    import com.liferay.portal.security.auth.PrincipalException;
025    import com.liferay.portal.security.permission.PermissionPropagator;
026    import com.liferay.portal.service.PermissionServiceUtil;
027    import com.liferay.portal.service.PortletLocalServiceUtil;
028    import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
029    import com.liferay.portal.service.ResourceBlockServiceUtil;
030    import com.liferay.portal.service.ResourcePermissionServiceUtil;
031    import com.liferay.portal.theme.ThemeDisplay;
032    import com.liferay.portal.util.PropsValues;
033    import com.liferay.portal.util.WebKeys;
034    
035    import java.util.ArrayList;
036    import java.util.Enumeration;
037    import java.util.HashMap;
038    import java.util.List;
039    import java.util.Map;
040    
041    import javax.portlet.ActionRequest;
042    import javax.portlet.ActionResponse;
043    import javax.portlet.PortletConfig;
044    import javax.portlet.RenderRequest;
045    import javax.portlet.RenderResponse;
046    
047    import org.apache.struts.action.ActionForm;
048    import org.apache.struts.action.ActionForward;
049    import org.apache.struts.action.ActionMapping;
050    
051    /**
052     * @author Brian Wing Shun Chan
053     * @author Connor McKay
054     */
055    public class EditPermissionsAction extends EditConfigurationAction {
056    
057            @Override
058            public void processAction(
059                            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
060                            ActionRequest actionRequest, ActionResponse actionResponse)
061                    throws Exception {
062    
063                    try {
064                            updateRolePermissions(actionRequest);
065    
066                            addSuccessMessage(actionRequest, actionResponse);
067                    }
068                    catch (Exception e) {
069                            if (e instanceof PrincipalException) {
070                                    SessionErrors.add(actionRequest, e.getClass());
071    
072                                    setForward(
073                                            actionRequest, "portlet.portlet_configuration.error");
074                            }
075                            else {
076                                    throw e;
077                            }
078                    }
079            }
080    
081            @Override
082            public ActionForward render(
083                            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
084                            RenderRequest renderRequest, RenderResponse renderResponse)
085                    throws Exception {
086    
087                    ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
088                            WebKeys.THEME_DISPLAY);
089    
090                    long groupId = themeDisplay.getScopeGroupId();
091    
092                    String portletResource = ParamUtil.getString(
093                            renderRequest, "portletResource");
094                    String modelResource = ParamUtil.getString(
095                            renderRequest, "modelResource");
096                    String resourcePrimKey = ParamUtil.getString(
097                            renderRequest, "resourcePrimKey");
098    
099                    String selResource = portletResource;
100    
101                    if (Validator.isNotNull(modelResource)) {
102                            selResource = modelResource;
103                    }
104    
105                    try {
106                            PermissionServiceUtil.checkPermission(
107                                    groupId, selResource, resourcePrimKey);
108                    }
109                    catch (PrincipalException pe) {
110                            SessionErrors.add(
111                                    renderRequest, PrincipalException.class.getName());
112    
113                            setForward(renderRequest, "portlet.portlet_configuration.error");
114                    }
115    
116                    Portlet portlet = PortletLocalServiceUtil.getPortletById(
117                            themeDisplay.getCompanyId(), portletResource);
118    
119                    if (portlet != null) {
120                            renderResponse.setTitle(getTitle(portlet, renderRequest));
121                    }
122    
123                    return mapping.findForward(
124                            getForward(
125                                    renderRequest,
126                                    "portlet.portlet_configuration.edit_permissions"));
127            }
128    
129            protected String[] getActionIds(
130                    ActionRequest actionRequest, long roleId, boolean includePreselected) {
131    
132                    List<String> actionIds = getActionIdsList(
133                            actionRequest, roleId, includePreselected);
134    
135                    return actionIds.toArray(new String[actionIds.size()]);
136            }
137    
138            protected List<String> getActionIdsList(
139                    ActionRequest actionRequest, long roleId, boolean includePreselected) {
140    
141                    List<String> actionIds = new ArrayList<String>();
142    
143                    Enumeration<String> enu = actionRequest.getParameterNames();
144    
145                    while (enu.hasMoreElements()) {
146                            String name = enu.nextElement();
147    
148                            if (name.startsWith(roleId + "_ACTION_")) {
149                                    int pos = name.indexOf("_ACTION_");
150    
151                                    String actionId = name.substring(pos + 8);
152    
153                                    actionIds.add(actionId);
154                            }
155                            else if (includePreselected &&
156                                             name.startsWith(roleId + "_PRESELECTED_")) {
157    
158                                    int pos = name.indexOf("_PRESELECTED_");
159    
160                                    String actionId = name.substring(pos + 13);
161    
162                                    actionIds.add(actionId);
163                            }
164                    }
165    
166                    return actionIds;
167            }
168    
169            protected void updateRolePermissions(ActionRequest actionRequest)
170                    throws Exception {
171    
172                    ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
173                            WebKeys.THEME_DISPLAY);
174    
175                    String portletResource = ParamUtil.getString(
176                            actionRequest, "portletResource");
177                    String modelResource = ParamUtil.getString(
178                            actionRequest, "modelResource");
179                    long[] roleIds = StringUtil.split(
180                            ParamUtil.getString(
181                                    actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
182    
183                    String selResource = PortletConstants.getRootPortletId(portletResource);
184    
185                    if (Validator.isNotNull(modelResource)) {
186                            selResource = modelResource;
187                    }
188    
189                    long resourceGroupId = ParamUtil.getLong(
190                            actionRequest, "resourceGroupId", themeDisplay.getScopeGroupId());
191                    String resourcePrimKey = ParamUtil.getString(
192                            actionRequest, "resourcePrimKey");
193    
194                    Map<Long, String[]> roleIdsToActionIds = new HashMap<Long, String[]>();
195    
196                    if (ResourceBlockLocalServiceUtil.isSupported(selResource)) {
197                            for (long roleId : roleIds) {
198                                    List<String> actionIds = getActionIdsList(
199                                            actionRequest, roleId, true);
200    
201                                    roleIdsToActionIds.put(
202                                            roleId, actionIds.toArray(new String[actionIds.size()]));
203                            }
204    
205                            ResourceBlockServiceUtil.setIndividualScopePermissions(
206                                    themeDisplay.getCompanyId(), resourceGroupId, selResource,
207                                    GetterUtil.getLong(resourcePrimKey), roleIdsToActionIds);
208                    }
209                    else {
210                            for (long roleId : roleIds) {
211                                    String[] actionIds = getActionIds(actionRequest, roleId, false);
212    
213                                    roleIdsToActionIds.put(roleId, actionIds);
214                            }
215    
216                            ResourcePermissionServiceUtil.setIndividualResourcePermissions(
217                                    resourceGroupId, themeDisplay.getCompanyId(), selResource,
218                                    resourcePrimKey, roleIdsToActionIds);
219                    }
220    
221                    if (PropsValues.PERMISSIONS_PROPAGATION_ENABLED) {
222                            Portlet portlet = PortletLocalServiceUtil.getPortletById(
223                                    themeDisplay.getCompanyId(), portletResource);
224    
225                            PermissionPropagator permissionPropagator =
226                                    portlet.getPermissionPropagatorInstance();
227    
228                            if (permissionPropagator != null) {
229                                    permissionPropagator.propagateRolePermissions(
230                                            actionRequest, modelResource, resourcePrimKey, roleIds);
231                            }
232                    }
233            }
234    
235    }